CVE-2018-0449

CVE-2018-0449 is a medium-severity vulnerability in Cisco Jabber with a CVSS 3.x base score of 4.2. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-732.

Key facts

Description

A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory permissions set on a JCF created directory. An authenticated attacker with the ability to access an affected directory could create a hard link to an arbitrary location on the affected system. An attacker could convince another user that has administrative privileges to perform an install or update the Cisco Jabber for Mac client to perform such actions, allowing files to be created in an arbitrary location on the disk or an arbitrary file to be corrupted when it is appended to or overwritten.

Frequently asked questions

What is CVE-2018-0449?
A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory permissions set on a JCF created directory. An authenticated attacker with the ability to access an affected directory could create a hard link to an arbitrary location on the affected system. An attacker could convince another user that has administrative privileges to perform an install or update the Cisco Jabber for Mac client to perform such actions, allowing files to be created in an arbitrary location on the disk or an arbitrary file to be corrupted when it is appended to or overwritten.
How severe is CVE-2018-0449?
CVE-2018-0449 has a CVSS 3.x base score of 4.2, rated medium severity. It is exploitable over local access with low attack complexity, requires high privileges and user interaction. Impact on confidentiality is none, integrity high, and availability none.
Is CVE-2018-0449 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (19th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2018-0449?
CVE-2018-0449 affects Cisco Jabber. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2018-0449?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2018-0449 published?
CVE-2018-0449 was published on 2019-01-10 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Cisco Jabber

All CVEs affecting Cisco Jabber →

Other CWE-732 (Incorrect Permission Assignment for Critical Resource) vulnerabilities

Browse all CWE-732 (Incorrect Permission Assignment for Critical Resource) vulnerabilities →